LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Firewall configuration fedora
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-13-2013, 11:17 AM   #1
NewFedoraUser5
LQ Newbie
 
Registered: Nov 2013
Posts: 7

Rep: Reputation: Disabled
Firewall configuration fedora

hi

in network zone i chose block zone is this can do problem with software's or with fedora update or is only block the Lan?


in ICMP filter which option i need to enable for more security?

http://i40.tinypic.com/2dbt2mt.png
 
Old 11-13-2013, 01:20 PM   #2
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,624

Rep: Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651
Normally fedora's default settings are fine , and a bit of over kill.
You will often find you need to open ports .

and what "zone" are you blocking ?

https://fedoraproject.org/wiki/How_t...iptables_rules

http://docs.fedoraproject.org/en-US/...Security_Guide
 
Old 11-13-2013, 03:19 PM   #3
NewFedoraUser5
LQ Newbie
 
Registered: Nov 2013
Posts: 7

Original Poster
Rep: Reputation: Disabled
can you pls answer the question about icmp filter
or at least tell me what setting you apply in the icmp filter
 
Old 11-13-2013, 05:01 PM   #4
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,624

Rep: Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651
well you have "unreachable " highlighted
put a check in it if YOU DO NOT WANT A ERROR MASSAGE ABOUT UNREACHABLE ADDRESSES
otherwise
leave everything unchecked to RECEIVE the error massage
 
Old 11-14-2013, 02:43 AM   #5
NewFedoraUser5
LQ Newbie
 
Registered: Nov 2013
Posts: 7

Original Poster
Rep: Reputation: Disabled
in my windows machine was firewall comodo that have icmp filter that block ping and port scan,
 
Old 11-14-2013, 12:57 PM   #6
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,624

Rep: Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651
IPtables is already set by default to "stealth block" all ports

a "ping" will return NO answer on a request .
and any port scan will AUTOMATICALLY not return any info .
It will NOT inform the scanner that a port is open or closed .
It will just NOT respond .


That is the default settings

linux is NOT windows
 
Old 11-15-2013, 06:22 AM   #7
NewFedoraUser5
LQ Newbie
 
Registered: Nov 2013
Posts: 7

Original Poster
Rep: Reputation: Disabled
i did zenmap to myself and this results :


68/udp open|filtered dhcpc
631/udp open|filtered ipp
5353/udp open|filtered zeroconf
49166/udp open|filtered unknown

how i can be sure that none of them is open?

should i make rules in the firewall and deny them?
Last edited by NewFedoraUser5; 11-15-2013 at 06:26 AM.
 
Old 11-15-2013, 01:41 PM   #8
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,624

Rep: Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651
Quote:

68/udp open|filtered dhcpc
631/udp open|filtered ipp
5353/udp open|filtered zeroconf
49166/udp open|filtered unknown

how i can be sure that none of them is open?
then CLOSE the ports you opened in the firewall

you already OPENED those ports in the firewall
if you want to close them
remove the statements that you added to open them
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How to straighten out firewall configuration on Fedora 18 LXer Syndicated Linux News 0 01-21-2013 02:50 AM
[SOLVED] Fedora Firewall Configuration Utility In Debian jeremy-passarelli Debian 6 06-01-2011 03:52 PM
firewall configuration simeon.mattes Slackware 2 01-01-2011 11:05 AM
Fedora 7 firewall configuration juliannerc Linux - Networking 1 02-02-2008 10:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:14 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration